1. Technical Field
The present invention relates generally to an improved system and method for incorporating a password on a bearer financial instrument and proving ownership by requiring the legal user to authenticate using said first password over the network on presentation of the instrument. The bearer instrument is a representation of the owner's authority or rights and may include a machine to readable code representing an unique identifier or image capable of being read by a machine to obtain first verification of legitimacy of the document and presentation of said password to authenticate ownership. The system includes verifying module to verify the bearer instrument and authenticating of its ownership.
2. Description of the Prior Art
In U.S. Pat. No. 5,598,477, issued to Berson, a customer submits information concerning a desired ticket (e.g., scheduling data pertaining to an airline flight). A data processing system sends ticketing information and encrypted validation data to a local printing system. The local system prints the ticket, which includes the validating information encoded in a two-dimensional barcode. The customer presents the ticket at flight time, where a validating system scans the barcode, transforms the data from physical form into digital form and validates it. If valid, the customer receives his boarding pass, luggage claim checks, etc.
The use of two-dimensional barcodes requires printers capable of producing, and barcode scanners capable of reading, such barcodes. Depending upon the number of sites at which tickets are printed or accepted, this may involve significant cost as the local validating device requires special decryption software. Second, the use of cryptographic means to secure the validation information requires a sophisticated key management scheme. This prior art concentrates on the validating the ticket itself rather than the holder of the ticket which is expressed in this application. Verification is done entirely remotely at the issuer server as compare to prior art, which is locally.
In U.S. Pat. No. 6,216,227, issued to Goldstein, et al, although not directly related, teaches the use of large random numbers may be used in place of cryptographic security and uses a one dimension barcode as an alternative.
According to Goldstein who teaches away, “this scheme still possesses the disadvantages inherent in paper tickets, such as destruction or mutilation and the limitation to a single use. In addition, without further protection, the database of random numbers provides a single point of vulnerability. A person with access to the database could conceivably generate large quantities of bogus tickets.”
In most prior arts the focus has been to ensure that the physical representation such as a ticket or smart card is legitimate and attached certain identifiable characteristics to be matched or reconciled on verification. This includes the new generation of smart cards where they stored biometrics of the holder and on presentation these biometrics are retrieved and check against the card holder. In U.S. Pat. No. 6,216,227, a smart card is used as a substitute to real tickets and which enables the users to store multiple ticket events. The main problem is that this biometrics suffers the same fate of being stolen and they cannot be change making identity theft more vulnerable. A password can be changed at anytime. Maintenance of issued cards is also another cost factor.
While matching physically known characteristics are well known as a way to proof ownership, there are instances where one can spoof the reader machine. Finger print readers uses a set of algorithms to identify pattern points on our prints but in test it has been shown that it can't distinguish between a real finger or one made out of a gummy mould. Other prior arts concentrated on authenticating the document itself in the belief that if the document is genuine then the holder with other identifications linked to the genuine document is sufficient to proof ownership by association. Therefore these prior arts teach incorporating security features but made no efforts to further prove ownership. Other prior arts teach comparing the physical known characteristics of the holder or owner such as biometrics to establish identity.